The present invention relates to computer systems, and to securing the integrity of computer systems.
The Trusted Computing Group has developed guidelines for remote application attestation to confirm that an application is to be trusted. This involves the use of a trust module (termed a trusted platform module) that holds trust data, including private keys to the system and measurements of the software applications to confirm their validity. The measurements include generating a hash of firmware or software as appropriate. Also included in this trust data is platform data relating to a software stack and a core root of trust measurement relating to firmware that initiates the computer system hardware and possibly other layers of firmware prior to loading of the operating system. This data is platform specific. The trust data is secured in the trust module using a manufacturer key.
The present invention addresses the technical problem of porting such data to a replacement system, in the event, for example, of the failure of a computer system.
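The following added example, which is not part of the original text, shows the hash-based measurement of boot layers described above and why the resulting trust data is platform specific: a verifier that accepts the original system rejects a replacement whose firmware differs. It uses the TPM-style extend operation, which the text does not describe; the layer names, image bytes and function names are constructed assumptions, and the signature over the reported register value is omitted.

```python
import hashlib

PCR_SIZE = 32  # width of a SHA-256 measurement register

def measure(blob: bytes) -> bytes:
    """A measurement as the text describes it: a hash of firmware or software."""
    return hashlib.sha256(blob).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM-style extend: new = H(old || digest). A register is folded forward, never set."""
    return hashlib.sha256(pcr + digest).digest()

def boot(images):
    """Measured boot: every layer is hashed and logged before it would run."""
    return [(label, measure(blob)) for label, blob in images]

def replay(event_log):
    """Fold a log of (label, digest) pairs, starting from the all-zero reset value."""
    pcr = bytes(PCR_SIZE)
    for _label, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr

def verify(event_log, reported_pcr, known_good):
    """Verifier side: the log must reproduce the reported register value,
    and every logged digest must be one the verifier expects."""
    if replay(event_log) != reported_pcr:
        return False, "log does not match reported register"
    for label, digest in event_log:
        if known_good.get(label) != digest:
            return False, f"unexpected measurement: {label}"
    return True, "ok"

# Constructed sample images (assumptions, not taken from the text).
ORIGINAL = [("crtm", b"crtm build 1, board A"),
            ("firmware", b"platform firmware 2.0, board A"),
            ("os-loader", b"loader 5.4")]
# Replacement hardware: same OS loader, different CRTM and firmware.
REPLACEMENT = [("crtm", b"crtm build 3, board B"),
               ("firmware", b"platform firmware 2.1, board B"),
               ("os-loader", b"loader 5.4")]
# Reference values the verifier holds for the original platform.
KNOWN_GOOD = {label: measure(blob) for label, blob in ORIGINAL}

if __name__ == "__main__":
    for name, images in (("original", ORIGINAL), ("replacement", REPLACEMENT)):
        log = boot(images)
        print(name, verify(log, replay(log), KNOWN_GOOD))
```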